Hi there,
our client/server application uses either SSPI (Windows) or GSS-API (UNIX) in order to establish a secure context.
In order to make it work properly, I had to set specific encryption types in the krb5.conf file of the UNIX server:
[libdefaults] default_tkt_enctypes = des-cbc-md5 default_tgs_enctypes = des-cbc-md5
Does that mean that the established session keys are DES 64 bits *ONLY* ? It sounds like a weak encryption...
Are any other encryption types compatible between MIT and Windows 2000/2003 (native) Kerberos implementations ?
-- Mr. Jacques LEBASTARD mailto:[EMAIL PROTECTED] EVIDIAN S.A. www.evidian.com Rue Jean Jaurès Tel: +33 1 30 80 77 86 F-78340 LES CLAYES SOUS BOIS Fax: +33 1 30 80 77 99
________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos